Menu

Importance of Data Masking in Testing and Staging Environments

08 September 2016

Background:

Dealing with Production Data is a challenge, but most organizations around the world have safeguards in place which secure the production environment properly.However,when it comes to non-production environments like Dev (Development) environment or Test Environment etc., they still do not have proper security in place. Protecting sensitive data is not an only an organization’s moral responsibility, but in certain cases it is also demanded by governing standards. This data can belong to customer or even organization’s employees.

Either way, proper protections should be in place to ensure that data residing with the organization is secure.

What is Sensitive Data?

The definition of Sensitive data is pretty broad and changes from country to country, organization to organization, and even individual to individual.

Globally, every country accepts that Credit/Debit Card Data is sensitive data – explicitly the Card Number and Pin/CVV/CVV2 details.

Why Secure Data?

There have been cases where critical customer data, when lost, causes an organization to face lawsuits and spend millions of dollars to settle them. This can be a huge cost to any organization in an unfortunate event where critical customer data is lost.

What is Data Masking?

Data masking is nothing but obscuring specific records within the database. Masking of data ensures that sensitive data is replaced with realistic but not real data in testing environment thus achieving both the aims – protecting sensitive data and ensuring that test data is valid and testable.

Data masking is not just about Test Data. In fact this concept can be applied to every situation where an organization does not want to reveal real data. Example: Salary information of every employee. Whether any compliance standard explicitly considers this as sensitive data or not, salary-related information still remains sensitive information from an organization’s standpoint, and thus protecting the same makes sense for it. Data masking techniques can be applied here as well. There can be many such scenarios.